Cybersecurity is an essential part of the due diligence process

Cyber­se­cu­rity is incre­asingly a reason for signi­fi­cant opera­tio­nal and finan­cial risks for entire compa­nies. It urgen­tly needs to be included in the evalua­tion process for take­overs and sales. After all, poten­tial thre­ats and attack surfaces for cyber crimi­nals do not arise out of nowhere. They deve­lop as a result of risky neglect of cyber risks, incor­rect prio­ri­tiza­tion and deli­be­rate conce­al­ment of inci­dents or damage that has occur­red in the run-up to company sales. The topic of cyber­se­cu­rity should ther­e­fore be firmly ancho­red in due dili­gence procedures. 

The exam­ple of the Swabian battery manu­fac­tu­rer Varta shows how a serious cyber inci­dent can have a decisive impact on the future of the company and, in parti­cu­lar, on the sale of divi­si­ons. Varta was a restruc­tu­ring case in 2024. A restruc­tu­ring road­map was drawn up to secure the company’s future. It was precis­ely at this stage that a ransom­ware attack was laun­ched on the alre­ady ailing battery manufacturer.